Are you tired of talking about the cloud yet? Good. Neither are we. In fact, we recently devoted our first webinar of the year to the topic. You can download the webcast replay of the event here. A summary of the key topics discussed during the webinar is below.

Increased Adoption of the Cloud

According to our managing director, Vinod Paul, over 80 percent of the new clients we brought on board last year are utilizing the cloud in some way, shape or form. As hedge funds continue to battle for institutional dollars, the smaller firms, in particular, are able to leverage the cloud for enterprise-level technology at an often reduced cost.

Speaking of cost, it’s one of the main drivers for firms moving to the cloud. Three to five years ago, hedge funds typically had to pay $300-500K dollars to set up an initial IT environment. In today’s rapidly changing landscape, firms are looking to pay less money out-of-pocket, as well as decrease their initial deployment times.

With the cloud, resource deployment and allocation only take days or weeks instead of months. The increased flexibility with the cloud is an enormous driver, allowing firms to customize how they use this technology platform. The cloud can easily work on a different scale for small and large firms, with smaller startups outsourcing their entire IT landscape and larger firms having the flexibility to use a hybrid model and determine which aspects of their environment they want to manage in-house or outsource.

Is the Cloud Regulated?

To regulators such as the SEC and FINRA, the term “cloud computing” doesn’t really resonate. They tend to use the word “outsourcing” when defining rules for investment advisers and broker-dealers. Broker-dealer rules, in particular, have become more specific in recent years, and there is currently a proposed rule which would prevent BDs from outsourcing arrangements that involve moving cash or securities. Additionally, BDs are required to provide advanced notice to FINRA and the SEC about outsourcing their recordkeeping.

Under the Dodd-Frank Act, investment advisers (including most hedge funds) are required to maintain records of all activites related to their business, but the rules are not as specific in regards to if those records are outsourced. Firms must also complete Form ADV, which requires the disclosure of firms’ service providers and their level of involvement. In the coming years, we may see changes in regards to how regulatory bodies govern the cloud, but for now, there is a lot of ambiguity.

Cloud Security Best Practices & Evaluating Your Service Provider

The threat of a cyber attack is a reality for all organizations, whether they are using the cloud or not. Regardless of a firm’s IT infrastructure, it should take all measures to protect the firm and its sensitive information. For both on-premise and cloud technology, where data is stored in a colocation facility somewhere, you’ll want to ensure that proper physical security procedures are in place, including biometric screening and authentication, monitored cabinets and cages and 24x7x365 surveillance. On the cloud level, you’ll also need to ensure your service uses proper virtualization security, meaning your data needs to be isolated from that of other firms using the same cloud.